Add examples of docs to be added

README.md

@@ -3,8 +3,6 @@
 
 Vesta is back under active development as of 25 February 2024. We are commited to open source, and will engage with the community to identify the new roadmap for Vesta. Stay tuned!
 
-[![Join the chat at https://gitter.im/vesta-cp/Lobby](https://badges.gitter.im/vesta-cp/Lobby.svg)](https://gitter.im/vesta-cp/Lobby?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
-
 * Vesta is an open source hosting control panel.
 * Vesta has a clean and focused interface without the clutter.
 * Vesta has the latest of very innovative technologies.

docs/api/readme.md

@@ -0,0 +1 @@
+The API documentations will be added here

docs/specifications/access_control_and_ownership.md

@@ -0,0 +1,32 @@
+[Back to Specifications](README.md)
+
+# VestaCP Access Control and Ownership
+VestaCP is built on the concept of federated access control and ownership for users. The hierarchy of ownership is as follows:
+- **Admin**: The highest level of ownership in VestaCP. The admin has the ability to create and manage users, and assign them to organisations and team. The admin can also create and manage servers, and assign them to organisations and teams. The admin can also create and manage organizations.
+- **Organization**: The second level of ownership in VestaCP. An organization can have multiple teams and projects. The organization can also have multiple users under teams. Organizations can be created by the admin.
+- **Team**: The third level of ownership in VestaCP. A team can have multiple projects and users. Teams can be created by the admin or organization owner.
+- **User**: The lowest level of ownership in VestaCP. A user can be assigned to an organisation or a team and can have access to projects. Users can be created by the admin, organization owner, or team owner.
+
+## Access Control
+Access control in VestaCP is based on the principle of least privilege. The admin, organization owner, and team owner can assign roles to users. Access control relies on a simple role-based access control (RBAC) model.
+
+## Authentication
+VestaCP uses a federated authentication model. Users can authenticate using their email address and password. The admin can also enable two-factor authentication for users. The API only accepts authentication using the header `Authorization: Bearer <token>`.
+
+*Note: Additional authentication such as SSO, SAML, and OAuth will be part of the roadmap for VestaCP.*
+
+# VestaCP Access Control and Ownership
+VestaCP is built on the concept of federated access control and ownership for users. The hierarchy of ownership is as follows:
+- **Admin**: The highest level of ownership in VestaCP. The admin has the ability to create and manage users, and assign them to organisations and team. The admin can also create and manage servers, and assign them to organisations and teams. The admin can also create and manage organizations.
+- **Organization**: The second level of ownership in VestaCP. An organization can have multiple teams and projects. The organization can also have multiple users under teams. Organizations can be created by the admin.
+- **Team**: The third level of ownership in VestaCP. A team can have multiple projects and users. Teams can be created by the admin or organization owner.
+- **User**: The lowest level of ownership in VestaCP. A user can be assigned to an organisation or a team and can have access to projects. Users can be created by the admin, organization owner, or team owner.
+
+## Access Control
+Access control in VestaCP is based on the principle of least privilege. The admin, organization owner, and team owner can assign roles to users. Access control relies on a simple role-based access control (RBAC) model.
+
+## Authentication
+VestaCP uses a federated authentication model. Users can authenticate using their email address and password. The admin can also enable two-factor authentication for users. The API only accepts authentication using the header `Authorization: Bearer <token>`.
+
+*Note: Additional authentication such as SSO, SAML, and OAuth will be part of the roadmap for VestaCP.*
+

docs/specifications/readme.me

@@ -0,0 +1,6 @@
+# VestaCP Specifications Documentation
+This directory contains the working Documentation for VestaCP
+
+
+## Table of Contents
+- [Access Control and Ownership](access_control_and_ownership.md)